Past Articles
Here we collect and archive articles that were featured on our past newsletters.
Original newsletters gathered here.
February 13th Newsletter Content [Original Newsletter]
Subject: IPMeter- Feb 13, Imron Summit, Indiana Legislature, (HOTw) Leaked WiFi Passwords, Cybersecurity Weakest Link, Network Edge Guidance
Imron Security Summit Jan 29th 2025 SoFi Stadium (Post Action Report)
The Imron Security Summit at SoFi Stadium was a great event, bringing together industry leaders, cybersecurity experts, and security professionals to discuss the latest challenges and innovations in securing our infrastructure. I had a fantastic time participating in the cybersecurity panel, where we tackled audience questions and explored critical security topics alongside experts like Lance Larson, Ph.D., CISSP (SDSU), Angelica Lee (FBI), Grace Dees (Resonance), and Taylor May, MBA (SVIP). Beyond the insightful discussions, the event provided a unique networking experience, from running the 40-yard dash to standing at the 50-yard line, taking in the impressive stadium setting. A huge thank you to Imron Hussain and Fawzia Atcha, Ph.D., for hosting such a well-organized and impactful summit. It was great connecting with customers, students, vendors, and fellow industry professionals—looking forward to seeing how these conversations continue at future summits! Stay tuned for more photos from the event. #Cybersecurity #SecuritySummit #Innovation
Hack of the Week (HOTw)
Unsecured Database Leaks Wi-Fi Passwords and Device Data
A significant IoT security breach has exposed 2.7 billion records, including Wi-Fi network names, passwords, IP addresses, and device identifiers. The unprotected database, linked to Mars Hydro and LG-LED SOLUTIONS LIMITED, was discovered by cybersecurity researcher Jeremiah Fowler. This incident underscores critical vulnerabilities in IoT device security and cloud storage practices. The exposed data poses severe risks, including network infiltration, botnet recruitment, and potential physical threats to connected systems. This breach highlights the urgent need for robust security measures in IoT devices and cloud storage. #IoTSecurity #CISA #IPMeter #DataBreach #CyberSecurity
At IPMeter, we are serious about protecting critical infrastructure. We provide tools and services to support IoT, IT, and commercial systems in buildings, factories, and plants across the country. We are fanatical about security, reliability, and availability. Reach out to us at demo@ipmeter.net to schedule a demo.
The recent IoT data breach highlights a critical gap in the security of connected devices and their associated cloud services. To address this, manufacturers should implement secure coding practices, conduct thorough vulnerability assessments, and provide users with clear guidelines on securing their devices. Additionally, adopting frameworks like NIST 800-53 can help organizations establish comprehensive security controls. As we continue to integrate IoT devices into various sectors, such as building management, ensuring their security is paramount to maintaining the integrity of our infrastructure.
Indiana State Legislature: Mandatory Vulnerability Testing of Water Systems REQUIRED: Hello IPMeter
Good Work Indiana. Cyber threats targeting water treatment plants are on the rise, and Indiana is taking action. A new bipartisan bill, Senate Bill 459, will require water facilities to conduct annual cybersecurity assessments, address vulnerabilities, and report cyber incidents within strict timeframes. With past attacks, including one linked to Russian hackers, highlighting the urgency of the issue, this legislation aims to strengthen the resilience of critical infrastructure. IPMeter has simple to use VA appliances ready to ship to support this new requirement. #IoTSecurity #CISA #IPMeter #CyberResilience #CriticalInfrastructure At IPMeter, we are serious about protecting critical infrastructure. We provide tools and services to support IoT, IT, and commercial systems in buildings, factories, and plants across the country. We are fanatical about security, reliability, and availability. Reach out to us at demo@ipmeter.net to schedule a demo.
Legislation like Senate Bill 459 is the silver bullet operators and customers needed. Municipal Water plants—and critical infrastructure in general—remain vulnerable because many systems are outdated, unmonitored, and lacking fundamental security controls. That's the usual mumbo jumbo.. but dig a little deeper and you realize that our nation is decentralized by design, allowing local water systems the ability to support diverse water needs like geography and population density. But in the same way we have common set of rules (generally) for water quality, we also need a general minimum quality for cybersecurity. Letting foreign and domestic terrorists exploit our lack of top town government is a fail and Indiana leads the way out. These exploits to water and wastewater have already occurred in Florida, Pennsylvania and Israel show municipal guardrails protect our communities.
IoT Devices: Strengthening the Weakest Link in Cybersecurity
The proliferation of Internet of Things (IoT) devices has introduced significant security challenges. Many of these devices lack fundamental protections such as encryption, regular firmware updates, and secure boot processes, making them susceptible to cyber threats. The issue is compounded by the rapid adoption of IoT technology across various sectors, often without adequate security considerations. To mitigate these risks, it's crucial to implement robust security measures and promote industry-wide standards for IoT device security. #IoTSecurity #CISA #IPMeter #Cybersecurity #TechInnovation
At IPMeter, we are serious about protecting critical infrastructure. We provide tools and services to support IoT, IT, and commercial systems in buildings, factories, and plants across the country. We are fanatical about security, reliability, and availability. Reach out to us at demo@ipmeter.net to schedule a demo.
Protecting the Network Edge: Guidance from International Security Agencies
In a recent initiative, national intelligence services from five countries have provided enterprises with comprehensive advice to enhance security at the network edge. This collaboration aims to assist organizations in mitigating risks associated with edge devices and infrastructure. The guidance emphasizes the importance of implementing robust security measures to protect against potential threats targeting the periphery of corporate networks.
At IPMeter, we are serious about protecting critical infrastructure. We provide tools and services to support IoT, IT, and commercial systems in buildings, factories, and plants across the country. We are fanatical about security, reliability, and availability. Reach out to us at demo@ipmeter.net to schedule a demo.
While the guidance from national intelligence services is a valuable resource, organizations must recognize that securing the network edge requires a proactive and comprehensive approach. Relying solely on external advice is insufficient; enterprises must invest in continuous monitoring, regular security assessments, and the adoption of advanced security technologies to effectively safeguard their edge infrastructure.
December 19th Newsletter Content [Original Newsletter]
Subject: IPMeter- Dec 19, Imron Summit, (HOTw) Telecom Threats, Korean IoT Certification, Data Breach
Imron Security Summit Jan 29th 2025 SoFi Stadium
IMRON Corporation is hosting a Security and Safety Summit on January 29th, 2025 at SoFi Stadium (Inglewood, near LAX). Speakers, experts, and vendors will be present and covering topics including physical and cyber security. Speakers include Steve Kiss, #IPMeter
Steve Kiss, CEO of IPMeter will be speaking at this event. The topics are still coming together but the lunch breakout session will be focused on specifying, constructing, installing, testing and commissioning. So if that is your role, contact us. Steve Kiss, CEO of IPMeter, will participate in the cybersecurity panel alongside the following experts:
-
Lance Larson (Moderator, San Diego State University)
-
Angelica Lee (FBI)
-
Grace Dees (Resonance Security)
-
Taylor May (SVIP News)
Additionally, Steve will present during lunch, focusing on construction topics, including specifying, constructing, installing, testing, and commissioning. This year, one of the sessions will be held on the 50-yard line, offering a unique setting.
This session will be especially valuable for construction managers, owner representatives, professional engineers, operators, and low voltage system designers. If these areas align with your role, contact us for an invitation.
Stay tuned as more details about the event are finalized.
Hack of the Week (HOTw)
The U.S. Strikes Back: Protecting Telecoms from Cyber Threats
The Biden administration has taken its first steps to retaliate against China for the recent breach of U.S. telecommunications networks by the China-backed hacking group Salt Typhoon. A preliminary finding from the Commerce Department identifies China Telecom Americas as a national security risk, setting the stage for potential actions against the company. This hack compromised major networks like Verizon, AT&T, and Lumen Technologies, raising concerns about sensitive data exposure, including wiretap surveillance. With escalating tensions and bipartisan calls for stronger retaliation, this development signals a critical moment in safeguarding America’s infrastructure. At IPMeter, we are serious about protecting critical infrastructure. We provide tools and services to support IoT, IT, and commercial systems in buildings, factories, and plants across the country. We are fanatical about security, reliability, and availability. Reach out to us at demo@ipmeter.net to schedule a demo. #Iotsecurity #CISA #ipmeter #cybersecurity #criticalinfrastructure
China's penetration of U.S. telecom networks is a glaring reminder of the vulnerabilities in our critical infrastructure. Retaliation is necessary, but we must pair it with proactive measures, including better network segmentation, stronger encryption standards, and adherence to frameworks like NIST 800-53. This breach highlights the cascading risks posed to interconnected systems, from water treatment facilities to aviation and beyond. The time for comprehensive action is now, leveraging tools and expertise to protect national infrastructure from adversaries intent on exploitation.
IoT Security Certification what we can learn from a Korean Vacuum
Samsung's Bespoke AI Steam robot vacuum cleaner has become the first to receive Korea's highest IoT security certification, marking a significant step forward in safeguarding smart devices. With concerns over IoT vulnerabilities growing due to hacking and privacy breaches, this certification by the Ministry of Science and ICT and KISA highlights a government-led push for safer IoT products. This milestone underscores the importance of rigorous security standards as IoT devices, from smart appliances to home cameras, become more ingrained in daily life. At IPMeter, we are serious about protecting critical infrastructure. We provide tools and services to support IoT, IT, and commercial systems in buildings, factories, and plants across the country. We are fanatical about security, reliability, and availability. Reach out to us at demo@ipmeter.net to schedule a demo. #Iotsecurity #cybersecurity #smarthome #criticalinfrastructure #ipmeter
The certification of Samsung's Bespoke AI Steam vacuum cleaner is a welcome development but also a stark reminder of how far we need to go. While this achievement sets a precedent for IoT security, the industry cannot afford complacency. Smart devices like robot vacuums and home cameras operate in deeply personal spaces, making their security vulnerabilities a direct threat to consumers' privacy. Governments and manufacturers must work together to make these certifications the norm, not the exception. This initiative should expand globally, with unified standards and mutual recognition agreements like Korea’s MRA with Singapore leading the way. IoT security is no longer optional—it's foundational. As the lines between convenience and vulnerability blur, proactive measures are essential to secure the rapidly growing IoT ecosystem. It’s time to prioritize robust certifications and consumer education, ensuring that innovation doesn’t come at the cost of safety.
Granite School District Data Breach Exposes Personal Information of 450,000 Students
(California) Granite School District recently disclosed a cybersecurity breach that compromised the personal data of all current and former students, along with employee records. The incident involved ransomware, with attackers gaining access to sensitive information such as Social Security numbers, addresses, and grades. This breach underscores the growing need for robust cybersecurity in educational institutions. The district has since implemented measures like multi-factor authentication and is notifying affected individuals to help them take proactive steps against potential misuse of their data. At IPMeter, we are committed to safeguarding data and ensuring the security of critical systems. Our tools are designed to assess vulnerabilities, monitor performance, and protect against cyber threats. Reach out to us at demo@ipmeter.net to learn how we can help secure your infrastructure. #cybersecurity #databreach #education #criticalinfrastructure #ipmeter
The Granite School District data breach is another stark reminder of the vulnerabilities in the education sector's digital infrastructure. Schools, often lacking the robust cybersecurity frameworks of corporations, are increasingly targeted by attackers. With over 450,000 records compromised, this breach could have lasting implications for the affected students and employees, many of whom may not even be aware of the risks they now face. Educational institutions must adopt comprehensive security practices, including regular vulnerability assessments, robust access controls, and employee training on cybersecurity awareness. While the district’s move to implement multi-factor authentication is a step in the right direction, prevention through proactive measures is key. Data security is not just a technical issue; it’s an ethical responsibility. Schools must prioritize protecting sensitive information, investing in systems and processes that can withstand the growing sophistication of cyberattacks. The cost of inaction—lost trust, financial liability, and long-term harm to individuals—is far greater than the investment needed to secure these systems.
![[Steve Kiss at SoFi Stadium, Iglewood, CA]](https://static.wixstatic.com/media/0797ad_73c3a1b35ae548eca01e9f9453b255d8~mv2.png/v1/fill/w_599,h_337,al_c,q_85,usm_0.66_1.00_0.01,enc_avif,quality_auto/0797ad_73c3a1b35ae548eca01e9f9453b255d8~mv2.png)
December 12th Newsletter Content [Original Newsletter]
Subject: IPMeter- Dec 12, Imron Summit, (HOTw) Krispy Kreme, EU Cyber Resilience, FCC UL Solutions, Censys Report, Nozomi Networks/Advens
Imron Security and Safety Summit
IMRON Corporation is hosting a Security and Safety Summit on January 29th, 2025 at SoFi Stadium (Inglewood, near LAX). Speakers, experts, and vendors will be present and covering topics including physical and cyber security. Speakers include Steve Kiss, #IPMeter
Steve Kiss, CEO of IPMeter will be speaking at this event. The topic is still coming together but the lunch breakout session will be focused on specifying, constructing, installing, testing and commissioning. So if that is your role, contact us. We will get you an invite.
Hack of the Week (HOTw)
Bad Operator, No Donut
Hackers have found the hole in Krispy Kreme's cybersecurity—and no, it's not the glazed kind. A recent cyberattack disrupted the company’s online ordering systems, forcing them to disclose the incident in an 8K filing with the SEC. While physical stores are still slinging doughnuts, the hack highlights how no business is safe from cyber threats. In response, Krispy Kreme has brought in outside cybersecurity experts and tapped into its insurance policy to offset costs.
At IPMeter, we can’t guarantee hackers won’t want doughnuts, but we can make sure they don’t disrupt critical infrastructure. So next time your in the control room, eating a jelly filled, its time to think a little about cybersecurity. If it can happen to your donut, it can happen to you.
EU Cyber Resilience Act: A New Era for Secure Smart Devices
The European Union’s new Cyber Resilience Act (CRA) is now in effect, setting mandatory cybersecurity standards for connected devices. These devices, such as smartwatches, toys, and home appliances, must undergo security support, including updates to address vulnerabilities. The CRA applies throughout the product lifecycle, from design to operation, and even extends to retailers. While manufacturers have until December 2027 to comply, the law is designed to reduce hacking risks associated with insecure smart devices. Non-compliance can result in fines of up to 2.5% of annual global turnover.
The European Union has implemented the Cyber Resilience Act to enforce stronger cybersecurity measures for connected devices like smartwatches and home appliances. This law requires product manufacturers to update devices to fix security vulnerabilities and ensure compliance throughout the product’s lifecycle. The law will apply across the EU, and products can be marked with a CE certification to show they meet the standards. Manufacturers face penalties for non-compliance, including hefty fines based on global turnover. We help manufactures spot vulnerabilities. Lets connect at sales@ipmeter.net #CyberSecurity #SmartDevices #EURegulations #IoTSecurity #IPMeter
FCC Appoints UL Solutions to Lead U.S. Cyber Trust Mark for IoT Devices
The Federal Communications Commission (FCC) has appointed UL Solutions as the lead administrator for its U.S. Cyber Trust Mark program. This voluntary program aims to certify the cybersecurity of wireless Internet of Things (IoT) devices such as security cameras, fitness trackers, and smart appliances. Products that meet cybersecurity standards will carry the U.S. Cyber Trust Mark label with a QR code for further consumer information. UL Solutions will oversee the application process, set technical standards, and promote consumer education about secure IoT devices.
UL Solutions has been chosen by the FCC to lead the U.S. Cyber Trust Mark program, a voluntary initiative to enhance the cybersecurity of wireless IoT devices. Devices like home security cameras, fitness trackers, and smart appliances that meet cybersecurity criteria will display the U.S. Cyber Trust Mark label. UL Solutions will also help define technical standards, manage product evaluations, and engage in consumer education efforts. The program aims to improve transparency and consumer confidence in IoT security. As the cybersecurity landscape for IoT devices grows more complex, IPMeter offers the tools needed to ensure your connected devices meet the highest standards of security. From vulnerability scanning to real-time performance monitoring, IPMeter supports manufacturers in achieving compliance with programs like the FCC’s U.S. Cyber Trust Mark. Contact sales@ipmeter.net to learn how we can help secure your devices and networks.
Hashtags: #CyberSecurity #IoTSecurity #FCC #CyberTrustMark #IPMeter
Thousands of Healthcare Devices Exposed to Cybersecurity Risks, Warns Censys Report
A recent report by Censys reveals that over 14,000 healthcare devices and systems are exposed to the public internet, creating serious security risks. Many of these devices contain sensitive medical data and are vulnerable to attacks, especially those using legacy protocols like DICOM. Security researcher Himaja Motheram emphasizes the need for healthcare organizations to secure exposed devices, implement authentication and encryption on DICOM interfaces, enforce multi-factor authentication for EHR systems, and apply security patches promptly. She also highlights the importance of monitoring access logs and prioritizing data protection to mitigate risks.
A report by Censys highlights that over 14,000 healthcare devices and systems are exposed online, risking the security of sensitive medical data. Many vulnerabilities stem from the DICOM protocol and unsecured Electronic Health Record (EHR) systems. Security expert Himaja Motheram advises healthcare organizations to remove public access to these devices, use multi-factor authentication, and implement encryption. She also stresses the importance of patching vulnerabilities and monitoring systems for suspicious activity to prevent data breaches. With the increasing risks to healthcare IoT devices and systems, IPMeter’s advanced vulnerability scanning and monitoring solutions help ensure your devices are secure and compliant. Our platform detects security weaknesses in medical systems, including those exposed online, and provides real-time alerts to prevent data breaches. Protect your sensitive data today—contact sales@ipmeter.net to learn more about our tailored cybersecurity solutions for healthcare.
#HealthcareSecurity #IoTSecurity #DataProtection #CyberSecurity #EHR #HIPAA #IPMeter
Nozomi Networks and Advens Partner to Deliver Cybersecurity Solutions for Critical Infrastructure in France
Nozomi Networks has partnered with Advens to provide advanced OT and IoT cybersecurity solutions across France and Europe. This collaboration targets critical infrastructure environments, addressing their unique cybersecurity needs. Advens uses Nozomi Networks' ANSSI-certified solutions to enhance their managed SOC services, offering threat detection, risk management, and network visibility. The partnership recently supported the Paris 2024 Olympics, ensuring security for critical systems such as water infrastructure, event venues, and roadways. Nozomi’s platform played a crucial role in protecting the event from cyberattacks, showcasing the value of their joint cybersecurity capabilities for critical infrastructure.
Nozomi Networks and Advens have teamed up to address the increasing cybersecurity demands of critical infrastructure in France and Europe. Using Nozomi’s advanced cybersecurity solutions, the partnership provides managed services and risk management tools to protect IoT and OT environments. The partnership has already proven successful, most notably in securing the Paris 2024 Olympics, safeguarding infrastructure from cyberattacks. As digital threats to critical systems grow, the companies aim to continue providing robust, comprehensive security solutions for industries like healthcare, energy, and manufacturing.
November 22nd Newsletter Content [Original Newsletter]
Subject: IPMeter- Nov 22, (HOTw) Ngioweb Botnet, Common IoT Pitfalls, Future of IoT Security, RCE issue with OvrC IoT Platform
Hack of the Week (HOTw)
How the Ngioweb Botnet is Exploiting IoT Devices for Proxy Networks
A new report from Lumen Technologies sheds light on a troubling reality in IoT security: the Ngioweb botnet is hijacking devices from well-known manufacturers like NETGEAR, Hikvision, Reolink, and Zyxel. Everyday devices—routers, cameras, and other connected hardware—are being turned into tools for hackers. Shockingly, access to these compromised devices is sold on underground markets for as little as $0.20 a day. With two-thirds of these infected devices located in the U.S., they’re being used for credential-stuffing, DDoS attacks, and more. It’s a clear call to action for manufacturers and users alike to step up IoT security before these vulnerabilities cause more damage.
At IPMeter, we’re dedicated to protecting critical infrastructure. Our tools and services secure IoT, IT, and industrial systems, ensuring your operations remain safe and reliable. Reach out to demo@ipmeter.net to see how we can help safeguard your network.
#IoTSecurity #Cybersecurity #IPMeter #NETGEAR #Hikvision #Zyxel
This report highlights a critical issue: the lack of robust IoT security measures in devices that are becoming foundational to modern infrastructure. Allowing routers, cameras, and other household IoT devices to act as proxies for malicious actors is a failure that has far-reaching consequences, from financial losses to compromised public safety systems. The rapid monetization of infected devices shows how quickly bad actors can exploit weak security.
5 Common IoT Security Pitfalls—and How to Avoid Them
IoT technology is revolutionizing industries, offering unprecedented opportunities for data-driven decisions, innovation, and growth. But with over 14.3 billion connected devices, securing IoT networks is a monumental challenge. A recent article highlights five critical mistakes organizations often make in IoT security—such as neglecting hardware updates, overlooking encryption, and failing to enforce strong password practices. The piece emphasizes actionable strategies to mitigate these risks, including regular endpoint monitoring, encryption standards, and robust training programs for employees. Don't let your systems become easy targets for cybercriminals.
At IPMeter, we are serious about protecting critical infrastructure. We provide tools and services to support IoT, IT, and commercial systems in buildings, factories, and plants across the country. We are fanatical about security, reliability, and availability. Reach out to us at demo@ipmeter.net to schedule a demo.
#IoTSecurity #CISA #Cybersecurity #IPMeter
The challenges in IoT security reveal a worrying gap in how critical infrastructure is protected. It’s shocking that 98% of IoT data still isn’t encrypted. This oversight opens the door for threats like node injection or firmware vulnerabilities to wreak havoc. Even basics like strong passwords and proper employee training are often neglected—leaving organizations exposed to avoidable risks.
When it comes to securing systems like IoT networks, we need to treat them with the same seriousness as other essential infrastructure, such as airports or water treatment plants. Solutions like layered security, keeping devices up to date, and maintaining full visibility of endpoints shouldn’t be optional—they’re critical. IoT is becoming the backbone of how industries operate, and it’s time we protect it like it matters. Because it does.
The Future of IoT Security: A $60 Billion Opportunity
A recent Juniper Research report projects the IoT cybersecurity market will more than double in value, reaching $60 billion by 2029. With enterprise IoT adoption booming, the increased number of devices opens the door to greater cybersecurity threats, emphasizing the need for robust protections. The report underscores the critical role of advanced solutions like Next-Generation Firewalls (NGFWs) and Extended Detection and Response (XDR) in safeguarding the growing number of IoT connections, especially at the vulnerable network layer, which is expected to account for 45% of cybersecurity investments by 2025.
At IPMeter, we are serious about protecting critical infrastructure. We provide tools and services to support IoT, IT, and commercial systems in buildings, factories, and plants across the country. We are fanatical about security, reliability, and availability. Reach out to us at demo@ipmeter.net to schedule a demo.
#IoTSecurity #CISA #IPMeter #Cybersecurity #NextGenFirewalls
The rapid growth in IoT adoption is exciting, but the risks it brings are deeply concerning. The lack of robust security in many IoT deployments could expose critical infrastructure like airports, water treatment facilities, and manufacturing plants to devastating cyber-attacks. While the report highlights solutions like NGFWs and XDR, the challenge is ensuring these tools are implemented and managed effectively. Too often, IoT security is treated as an afterthought, leading to vulnerabilities that can cripple essential systems.
The time to act is now. Investing in comprehensive security frameworks, guided by standards like NIST 800-53, isn’t just prudent—it’s necessary to prevent catastrophic financial and operational impacts. As IoT connections surge by 91% over the next five years, businesses must prioritize security at every layer, from endpoints to the Cloud. The consequences of failing to do so could be severe for industries and the national infrastructure we all rely on.
Remote Code Executiion issue with OvrC Iot Platform. CVSS Score of 9.2
A security analysis of the OvrC platform, which manages IoT devices such as cameras, routers, and power supplies, has uncovered serious vulnerabilities that could allow attackers to remotely execute code and gain control of connected devices. The flaws were found in OvrC Pro and OvrC Connect, impacting over 500,000 end-user locations. Exploiting these vulnerabilities could allow attackers to bypass firewalls, hijack devices, and run arbitrary code. With a CVSS score of 9.2 for some of the most critical issues, the risks are significant. The vulnerabilities highlight the need for manufacturers and cloud service providers to prioritize security in the rapidly growing IoT space.
At IPMeter we are serious about protecting critical infrastructure. We provide tools and services to support IoT, IT, and commercial systems in buildings, factories, and plants across the country. We are fanatical about security, reliability, and availability. Reach out to us at demo@ipmeter.net to schedule a demo.
#IoTSecurity #CISA #IPMeter #CloudSecurity #Cybersecurity
The vulnerabilities discovered in the OvrC platform underscore a growing concern for all industries relying on IoT devices and cloud management for everyday operations. These flaws, which could allow remote code execution, provide a clear example of how weak access controls, poor authentication methods, and failure to secure device-to-cloud connections can create devastating risks. The impact of such breaches on critical systems like power supplies, business routers, and home automation devices cannot be overstated. It is imperative that IoT manufacturers, especially those handling essential infrastructure like airports and water treatment facilities, adopt stricter security measures, including better input validation, stronger authentication, and more secure cloud management platforms. As these devices proliferate, securing every layer—especially in industries where uptime and safety are non-negotiable—should be the priority. The time to address these vulnerabilities is now, before they turn into full-scale breaches.
October 1st Newsletter Content [Original Newsletter]
Subject: IPMeter- Oct 1, Imron Summit, ZTE Healthcare, IoT Security Blind Spots, 3 Key Tips, (HOTw) Kia Secuirty Flaw
Imron Security and Safety Summit
We will be showcasing our IPMeter cybersecurity and OT operations integration into Imron Corporation's suite of services. Steve Kiss will not be attending, but Mel Beckman will be our guest speaker at the event. He will be discussing the latest events and trends in cybersecurity, the intersection of physical security and cybersecurity and answering questions from attendees and other panelists. Mel brings a wealth of knowledge on building and maintaining carrier grade highly secure communications networks.
ZTE and China Telecom Bring 5G IoT Solutions to Healthcare
ZTE and China Telecom have teamed up to implement a 5G IoT solution at The First Affiliated Hospital of Soochow University. This partnership aims to revolutionize healthcare by integrating public and private applications within a unified network structure. With more than 3,000 terminals connected, the system simplifies the hospital’s network while reducing upgrade costs by 80%. Key features include real-time monitoring of patients during emergencies and 5G-enabled vehicles for instant imaging diagnostics, all designed to enhance medical efficiency and improve patient outcomes. At IPMeter, we are serious about protecting critical infrastructure. We provide tools and services to support IoT, IT, and commercial systems in buildings, factories, and plants across the country. We are fanatical about security, reliability, and availability. Reach out to us at demo@ipmeter.net to schedule a demo. #IoTsecurity #CISA #IPMeter #5G #HealthcareInnovation
While ZTE and China Telecom’s 5G IoT deployment in hospitals is impressive, it’s essential to remember the critical security challenges that come with integrating healthcare and IoT. The interconnected nature of medical devices, patient data, and public infrastructure exposes a vast attack surface that hackers could exploit. A breach could disrupt not only hospital operations but also impact patient safety. Ensuring that the backbone of these smart systems is hardened against cyber threats should be a priority. As we've seen in industries like water treatment, aviation, and building management, securing IoT systems at the network and device levels is non-negotiable for national infrastructure integrity.
OT Security Blind Spots and How to Close Them
With the rise of Industry 4.0, many organizations are failing to protect their Operational Technology (OT) environments from increasingly sophisticated cyberattacks. A recent report highlights that in 2023, over 500 OT sites experienced breaches, with damages ranging from $10 million to $100 million. Traditional perimeter-based defenses are no longer enough, and businesses are unknowingly leaving themselves vulnerable to lateral movement by attackers. As critical OT systems, such as manufacturing lines and industrial controls, become interconnected with IT networks, new strategies like microsegmentation are emerging as essential tools to protect these environments. By isolating different zones and limiting lateral movement, companies can reduce breach impacts and ensure greater operational resilience. At IPMeter, we’re committed to protecting critical infrastructure through innovative tools and services that support IoT, IT, and OT systems in industries across the country. Our focus on security, reliability, and availability drives us to secure systems that power factories, plants, and buildings. Reach out to us at demo@ipmeter.net for a demo.
The convergence of OT and IT presents a glaring blind spot in current cybersecurity strategies. While the business world embraces the benefits of Industry 4.0, the security risks involved are often underestimated, particularly in industries that rely on minimal downtime and mission-critical operations. From my perspective, the lack of visibility and control in OT environments is alarming. With the increasing number of attacks targeting OT systems and the potential for breaches to result in catastrophic operational and financial damage, companies must move beyond outdated perimeter-based security models. A proactive, breach-ready approach utilizing advanced microsegmentation is the future. Without the proper segmentation and zone-based access controls, it’s not a matter of if, but when, an attack will bring down critical infrastructure. The stakes couldn’t be higher for industries such as water treatment, aviation, and manufacturing.
Securing IoT Devices in a Connected World: 3 Key Tips
As IoT devices become more integral to daily operations, they also present new cybersecurity challenges that can be easily overlooked. From smart TVs to security cameras, securing these devices is essential to protect your organization from potential cyber threats. Gaining visibility into your network, addressing common vulnerabilities such as outdated firmware, and ensuring secure deployment practices are three critical areas to focus on. By adopting these strategies, organizations can stay ahead of evolving IoT-targeted threats and safeguard their infrastructure. At IPMeter, we are serious about protecting critical infrastructure. We provide tools and services to support IoT, IT, and commercial systems in buildings, factories, and plants across the country. We are fanatical about security, reliability, and availability. Reach out to us at demo@ipmeter.net to schedule a demo. #IoTsecurity #cisa #ipmeter #cybersecurity #iot #infrastructuresecurity
IoT device security is often treated as an afterthought, especially in critical infrastructure sectors like aviation, water treatment, and manufacturing. The reality is, we cannot afford to be complacent. Weak default credentials and unpatched firmware can become easy entry points for cybercriminals, and the impact of an IoT breach could cascade through essential systems, causing major disruptions. Network segmentation and strict access controls are non-negotiable for industries handling sensitive operations. Our nation’s infrastructure requires robust, proactive measures to prevent these vulnerabilities from compromising the safety and integrity of operations. Those who fail to act now may find themselves at the mercy of malicious actors when it’s too late.
Hack of the Week (HOTw)
Kia's Security Flaw Leaves 7 Million Cars Vulnerable to Hackers for 3 Months
Over 7 million Kia cars made after 2013 were vulnerable to a major security flaw that allowed hackers to control the vehicles remotely using only a license plate number. The breach, affecting cars across North America, exposed personal information and gave attackers the ability to track locations, unlock doors, and start engines—all without the owner's knowledge. Alarmingly, it took Kia three months to fix the issue after its discovery in June 2024. Fortunately, the vulnerability was not exploited maliciously, and Kia has since patched the problem.
At IPMeter, we are serious about protecting critical infrastructure. We provide tools and services to support IoT, IT, and commercial systems in buildings, factories, and plants across the country. We are fanatical about security, reliability, and availability. Reach out to us at demo@ipmeter.net to schedule a demo.
#IoTSecurity #CISA #IPMeter #Cybersecurity #AutomobileSecurity #CriticalInfrastructure
A decade ago, we had a contract with Bosch who was working on CANbus scan tools. A system that directly controls sensors and actuators in vehicles. It's unfortunate that a hack like this is still possible today. Frankly, it's a result of negligence—failing to secure I/O and landside interfaces despite the known risks to reputation and public safety. The CANbus is incredibly powerful, and companies integrating into it from various divisions need to understand and address the security risks. We've seen how compromising these systems can lead to significant vulnerabilities, yet companies continue to overlook these issues, leaving millions of customers at risk. This isn't just a technical flaw—it's a breakdown in security responsibility. If we don't prioritize robust protections for IoT systems, incidents like this will only keep happening.
September 5th Newsletter Content [Original Newsletter]
Subject: IPMeter- Sep 5, Routing Security, IoT Security Preparedness, Surge in IoT, VentureBeat, IoT vulnerabilities for profit, HOTw
Strengthening Internet Security: ONCD's New Roadmap Tackles Longstanding BGP Vulnerabilities
The White House Office of the National Cyber Director (ONCD) has unveiled a roadmap to bolster internet routing security by addressing vulnerabilities in the Border Gateway Protocol (BGP), a fundamental protocol for internet traffic routing. This roadmap advocates for the adoption of Resource Public Key Infrastructure (RPKI) to enhance BGP security, aiming to cover over 60% of federal IP space with Route Origin Authorizations (ROAs) by year-end. The plan includes a collaborative effort with industry and government stakeholders through the Internet Routing Security Working Group to develop frameworks and resources to prioritize security for critical routes and IP resources. #IoTsecurity #cisa #ipmeter #Cybersecurity #CriticalInfrastructure
The ONCD's roadmap represents a crucial step forward in securing BGP, which has long been a weak link in internet security. By advocating for RPKI and setting clear goals for federal adoption, ONCD is not only addressing a foundational vulnerability but also setting a precedent for broader industry adoption. This proactive approach is essential given the escalating cyber threats and the interconnected nature of today's digital infrastructure. The success of this initiative could significantly enhance the resilience of internet routing and protect critical infrastructure from malicious disruptions and data breaches.
Navigating the Future of IoT Security: Are We Prepared?
As the Internet of Things (IoT) grows, so do its vulnerabilities. With an estimated 30 billion devices online by 2025, securing these systems is a top priority. From malware attacks to physical tampering, IoT devices face a wide range of threats. Implementing strategies like secure device design, encryption, and regular firmware updates is crucial to mitigating risks. But resource constraints and diverse ecosystems add layers of complexity. At IPMeter, we take the security of critical infrastructure seriously, providing tools and services to support IoT systems in buildings, factories, and beyond. Contact us at demo@ipmeter.net to learn more about how we can help safeguard your systems. #Iotsecurity #cisa #ipmeter #cybersecurity #OTsecurity
The explosion of IoT devices has been a double-edged sword. On one hand, it unlocks unprecedented efficiencies across industries like aviation, manufacturing, and water treatment. On the other, it opens the door to severe security breaches that could cripple critical infrastructure. The risks aren’t hypothetical; they’re real and growing. It’s essential that we adopt a zero-trust mindset and incorporate AI-driven security solutions to stay ahead of evolving threats. As industries increasingly rely on IoT, we can’t afford to treat security as an afterthought—especially in sectors like airports and water treatment, where vulnerabilities could have catastrophic consequences.
The IoT Surge: 18.8 Billion Devices and Growing in 2024
The IoT landscape is on an unstoppable growth trajectory, with a projected 13% increase in connected devices by the end of 2024, reaching 18.8 billion globally. Despite challenges like chipset shortages and geopolitical tensions, industries are ramping up IoT investments, with forecasts showing a staggering 40 billion devices by 2030. Emerging technologies like Edge AI and generative AI are reshaping how IoT devices operate, driving smarter, faster decision-making at the edge. The future of IoT is unfolding across key sectors from manufacturing to smart cities, and the opportunities are endless. #IoTsecurity #cisa #ipmeter #edgeAI #techtrends At IPMeter, we are serious about protecting critical infrastructure. We provide tools and services to support IoT, IT, and commercial systems in buildings, factories, and plants across the country. We are fanatical about security, reliability, and availability. Reach out to us at demo@ipmeter.net to schedule a demo.
As IoT devices proliferate at an unprecedented pace, securing our nation’s infrastructure becomes more critical than ever. With nearly 80% of IoT devices relying on Wi-Fi, Bluetooth, and cellular technology, the attack surface is broadening. From water treatment plants to access control systems in airports, these connected devices are not just conveniences—they are the new front lines in cybersecurity. If we don’t address vulnerabilities now, we risk leaving key infrastructure exposed to devastating attacks. It’s time for leaders in sectors like manufacturing, aviation, and building management to take proactive steps toward securing their IoT ecosystems, before it's too late.
The Growing Threat to Industrial IoT: Insights from VentureBeat on IoT Security
A recent VentureBeat article dives deep into cybersecurity challenges, and its section on the Internet of Things (IoT) is particularly insightful. It highlights how IoT devices in industrial settings—like manufacturing, distribution, and processing—are prime targets for cyberattacks. CISA warns that nation-state actors are actively exploiting these vulnerabilities, with some IoT breaches costing enterprises between $5 and $10 million. Experts from Keyfactor and Honeywell stress the importance of zero-trust security measures as IoT adoption grows. #Iotsecurity #CISA #IPMeter #cybersecurity #ICSsecurity At IPMeter, we are serious about protecting critical infrastructure. We provide tools and services to support IoT, IT, and commercial systems in buildings, factories, and plants across the country. We are fanatical about security, reliability, and availability. Reach out to us at demo@ipmeter.net to schedule a demo.
The VentureBeat article underscores the critical need to prioritize IoT security, especially in infrastructure sectors like airports, water treatment, and automotive manufacturing. As IoT devices proliferate, so do the attack surfaces, putting entire industrial control systems at risk. Relying on traditional perimeter-based security is no longer sufficient, and we must embrace more robust solutions like NIST 800-207’s zero-trust model. If we don’t take proactive steps now to protect our nation’s vital infrastructure, the consequences could be catastrophic.
One mans threat is another mans treasure- IoT version
As IoT devices proliferate in homes and industries, the security risks of using outdated or unsupported technology are becoming increasingly dangerous. Devices that no longer receive updates or patches—such as old routers, cameras, and smart home systems—are vulnerable to exploitation by malicious actors. These insecure devices are prime targets for hackers who can turn them into part of a botnet, capable of launching cyberattacks like DDoS or even spying on unsuspecting users. The article highlights the need for awareness, proper device retirement, and security considerations when repurposing older technology. #IoTsecurity #cisa #ipmeter #Cybersecurity #CriticalInfrastructure
Relying on outdated IoT devices presents a critical vulnerability for both individuals and industries. In sectors like aviation, water treatment, and building management, the security lapse caused by unsupported devices could have devastating consequences, such as espionage or crippling system shutdowns. We cannot afford to be lax about cybersecurity, especially as our national infrastructure becomes more interconnected and reliant on these technologies. While it’s tempting to keep older devices for cost-saving reasons or nostalgia, doing so without proper security measures risks turning them into gateways for hackers. This is why implementing and enforcing standards like NIST 800-53 and ensuring robust security patches for IoT and OT devices must be a top priority.
Hack of the Week (HOTw)
Halliburton Data Breach Highlights Urgent Need for Enhanced OT Security
Halliburton has confirmed a significant data breach resulting from a cyberattack on August 21, 2024. The attack, which disrupted various business applications and operations, led to unauthorized access and exfiltration of sensitive information. Although the full impact remains unclear, Halliburton is in the process of restoring affected systems and adhering to safety standards. This incident underscores the critical need for robust security measures, especially as industries like oil and gas increasingly integrate IT and operational technology. To learn more about how such breaches can impact your organization, check out the latest details. #Iotsecurity #CISA #IPMeter #CyberSecurity #DataBreach At IPMeter, we are serious about protecting critical infrastructure. We provide tools and services to support IoT, IT, and commercial systems in buildings, factories, and plants across the country. We are fanatical about security, reliability, and availability. Reach out to us at demo@ipmeter.net to schedule a demo.
The Halliburton cyberattack serves as a stark reminder of the vulnerabilities that exist within critical infrastructure sectors, particularly as IT and OT systems become more interconnected. The expanding attack surfaces due to IT/OT convergence create complex security challenges that many organizations are struggling to address effectively. This incident should drive all sectors, especially those managing critical infrastructure, to reassess and enhance their cybersecurity protocols. Implementing advanced security measures like microsegmentation can help mitigate the risk of such unauthorized access and protect against potentially devastating cyber-physical threats.